Title : 
Survey on malware anti-analysis
         
        
            Author : 
Yuxin Gao ; Zexin Lu ; Yuqing Luo
         
        
            Author_Institution : 
Nat. Univ. of Defense Technol., Changsha, China


            Abstract : 
The anti-analysis technology of malware has always been a focus of the computer security field. Malware protects itself through anti-static analysis and anti-dynamic analysis: anti-static analysis uses packers and code obfuscation to disturb disassembly and the identification of control flow; anti-dynamic analysis detects information about the system operating environment to achieve anti-tracking against debuggers and virtual machines. This paper analyzes in depth and summarizes the principles of the various anti-analysis techniques used by malware, explores the advantages, disadvantages and applicability of these technologies, and provides some ideas and technical direction for the development of malware analysis techniques.
         
        
            Keywords : 
invasive software; program debugging; program diagnostics; virtual machines; antidynamic analysis; antistatic analysis; debugger; malware antianalysis; packers and code obfuscation; virtual machines; Encryption; Feature extraction; Kernel; Malware; Registers; Virtual machining;
         
        
        
        
            Conference_Title : 
Intelligent Control and Information Processing (ICICIP), 2014 Fifth International Conference on
         
        
            Conference_Location : 
Dalian
         
        
            Print_ISBN : 
978-1-4799-3649-6
         
        
        
            DOI : 
10.1109/ICICIP.2014.7010353